PROXIMANOVA-LIGHT.OTF PROXIMANOVA-LIGHTIT.OTF PROXIMANOVA-EXTRABLD.OTF PROXIMANOVA-BOLD.OTFPROXIMANOVA-BLACK.OTF
Get this font in here!
This Article Applies to:
- Avast Business Hub
Application Rules are specifically meant to control the access for various applications that may run on your devices. You can choose whether connections for applications with no defined rules are auto-decided by the Firewall, chosen by the user, or allowed/disallowed in the drop-down menu. We recommend you ensure these rules are controlled by your console for maximum security across your network.
Default Application Rules
Each policy contains default application rules to allow common applications to communicate properly. You can modify or delete these rules as you wish in order to change how the listed application communicates.
When making configuration changes, pay attention to the application path listed in the default rule. The path defined in the console should match the path on the client side.
Adding Application Rules
- Click on the name of the policy you would like to alter
- Navigate to Service Settings ▸ Firewall ▸ expand Firewall Settings ▸ Firewall rules ▸ Application rules
- Click + Add application rule
- Fill out the full application name and path
- Select what connections are allowed: Internet in only, Internet out only, all, or no connections
- You can also select custom rules for various ports and protocols by clicking Custom, then adding or altering the packet rules in the table
- Click Add application rule
- Click Save in the bottom-right corner when you are done adding rules
Policy vs. Client Settings
The policy settings for what connections are allowed are named differently on the client.
| Policy Setting | Client Setting |
|---|---|
| Auto-decide | Smart Mode |
| All connections | Allow |
| No connections | Block |
| Ask user | Ask |
Custom Application Rules
- Click the pencil icon to the right of the application name to edit the rule
- In the Allow column, click Custom in the drop-down menu
- Click + Add packet rule
- Fill out the following:
- Rule name
- Action: allow or block
- Protocol
- Direction
- IP Address
- Local Port
- Remote Port
- Profile
- Click Add packet rule
- Click the save icon in the table
- Click Save in the bottom-right corner when you are done adding rules
Environment Variables
Firewall will not allow entire directories/folders nor accept wildcards (such as * or ?), but you may use the below system variables for specific filenames.
%UserProfile%
Use this if you need to specify an executable file located in a folder where applications are stored in the users' profiles
- %UserProfile%\AppData\Local\app.exe → C:\Users\(UserName)\AppDate\Local\app.exe
%CommonProgramFiles(x86)%
Use this if you need to specify an executable file located in a folder where shared program files for 32-bit applications are stored
%CommonProgramFiles(x86)%\app.exe→C:\Program Files (x86)\Common Files\app.exe
%ProgramFiles(x86)%
Use this if you need to specify an executable file located in a folder where program files for 32-bit applications are stored
%ProgramFiles(x86)%\app.exe→C:\Program Files (x86)\app.exe
%CommonProgramFiles%
Use this if you need to specify an executable file located in a folder where shared program files are stored
%CommonProgramFiles%\app.exe→C:\Program Files\Common Files\app.exe
%ProgramFiles%
Use this if you need to specify an executable file located in a folder where program files are stored
%ProgramFiles%\app.exe→C:\Program Files\app.exe
%WINDIR%\SysNative
Use this if you need to specify an executable file located in a core folder of the operating system
%WINDIR%\SysNative\app.exe→C:\Windows\System32\app.exe
%WINDIR%
Use this if you need to specify an executable file located inside an operating system folder
%WINDIR%\app.exe→C:\Windows\app.exe
%SYSTEMDRIVE%
Use this if you need to specify an executable file located anywhere else on the system drive
%SYSTEMDRIVE%\folder_name\app.exe→C:\folder_name\app.exe
Other Articles In This Section:
Firewall Advanced Packet Rules
Related Articles: